CVE-2014-4856

Cross-site scripting XSS vulnerability in the Polldaddy Polls & Ratings plugin before 2.0.25 for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to a ratings shortcode and a unique ID. NOTE: some of these details are obtained from third party informati...

CVE-2014-4308

Multiple cross-site scripting XSS vulnerabilities in NICE Recording eXpress aka Cybertech eXpress before 6.5.5 allow remote attackers to inject arbitrary web script or HTML via the 1 USRLNM parameter to myaccount/mysettings.edit.validate.asp or the frame parameter to 2...

CVE-2014-4335

Multiple cross-site scripting XSS vulnerabilities in BarracudaDrive 6.7.2 allow remote attackers to inject arbitrary web script or HTML via the 1 host or 2 password parameter to rtl/protected/admin/ddns/...

CVE-2005-1713

Multiple cross-site scripting XSS vulnerabilities in Serendipity 0.8 allow remote attackers to inject arbitrary web script or HTML via the 1 templatedropdown and 2 shoutbox plugins...

CVE-2005-1443

Multiple cross-site scripting XSS vulnerabilities in index.php for Invision Power Board IPB 2.0.3 and 2.1 Alpha 2 allows remote attackers to inject arbitrary web script or HTML via the 1 act, 2 Members, 3 calendar, or 4 HID parameters...

CVE-2005-1308

SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML...

CVE-2005-1140

Cross-site scripting XSS vulnerability in myBloggie 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the comments...

CVE-2005-1076

Cross-site scripting XSS vulnerability in the discussion board functionality for WebCT Campus Edition 4.1 allows remote attackers to inject arbitrary web script or HTML via the message field...

CVE-2005-1715

Cross-site scripting XSS vulnerability in index.php for TOPo 2.2 2.2.178 allows remote attackers to inject arbitrary web script or HTML via the 1 m, 2 s, 3 ID, or 4 t parameters, or the 5 field name, 6 Your Web field, or 7 email field in the comments section...

CVE-2005-1085

Cross-site scripting XSS vulnerability in the control panel in aeDating 3.2 allows remote attackers to inject arbitrary web script or HTML...

CVE-2005-1886

Cross-site scripting XSS vulnerability in view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to inject arbitrary web script or HTML via 1 the phid parameter or 2 unknown parameters when posting a new comment...

CVE-2005-1581

Cross-site scripting XSS vulnerability in Bug Report 1.0 allows remote attackers to inject arbitrary web script or HTML via various fields to bugreport.php, which are not filtered or quoted when processed by buglist.php or admin/index.php...

CVE-2005-1653

Cross-site scripting XSS vulnerability in message.htm for Woppoware PostMaster 4.2.2 build 3.2.5 allows remote attackers to inject arbitrary web script or HTML via the email parameter...

CVE-2005-1819

Cross-site scripting XSS vulnerability in NikoSoft WebMail before 0.11.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

CVE-2005-1866

Cross-site scripting XSS vulnerability in calendar.php in Calendarix Advanced 1.5 allows remote attackers to inject arbitrary web script or HTML via the year parameter...

CVE-2005-1327

Cross-site scripting XSS vulnerability in pms.php for Woltlab Burning Board 2.3.1 PL2 and earlier allows remote attackers to inject arbitrary web script or HTML via the folderid parameter...

CVE-2023-25346

A reflected cross-site scripting XSS vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter of /churchcrm/v2/family/not-found...

CVE-2023-25077

Cross-site scripting vulnerability in Authentication Key Settings of EC-CUBE 4.0.0 to 4.0.6-p2, EC-CUBE 4.1.0 to 4.1.2-p1, and EC-CUBE 4.2.0 allows a remote authenticated attacker to inject an arbitrary script...

CVE-2023-25347

A stored cross-site scripting XSS vulnerability in ChurchCRM 4.5.3, allows remote attackers to inject arbitrary web script or HTML via input fields. These input fields are located in the "Title" Input Field in EventEditor.php...

CVE-2023-43614

Cross-site scripting vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script...